package com.xdja.pki.gmssl.test;

import com.xdja.pki.gmssl.core.utils.GMSSLX509Utils;
import com.xdja.pki.gmssl.crypto.sdf.SdfPrivateKey;
import com.xdja.pki.gmssl.crypto.utils.GMSSLSM2KeyUtils;
import com.xdja.pki.gmssl.keystore.utils.GMSSLKeyStoreUtils;
import com.xdja.pki.gmssl.x509.utils.GMSSLCertUtils;
import com.xdja.pki.gmssl.x509.utils.GMSSLExtensionUtils;
import com.xdja.pki.gmssl.x509.utils.bean.GMSSLSignatureAlgorithm;
import java.io.File;
import java.io.FileWriter;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
import java.util.concurrent.atomic.AtomicLong;

/* loaded from: input_file:com/xdja/pki/gmssl/test/GMSSLX509CertUtils.class */
public class GMSSLX509CertUtils {
    public static AtomicLong serialNumber;
    public static Date noBefore;
    public static Date noAfter;

    public static void first() {
        serialNumber = new AtomicLong(System.currentTimeMillis());
        Date date = new Date();
        Calendar calendar = Calendar.getInstance();
        calendar.setTime(date);
        calendar.add(5, -1);
        noBefore = calendar.getTime();
        calendar.add(1, 30);
        noAfter = calendar.getTime();
    }

    public static X509Certificate genRootCertByYunHsm(String str, int i, String str2) throws Exception {
        first();
        ArrayList arrayList = new ArrayList();
        arrayList.add(GMSSLExtensionUtils.genRootCertKeyUsageExtension());
        arrayList.add(GMSSLExtensionUtils.genBasicConstraintsExtension(1));
        PublicKey signPublicKeyByYunhsm = GMSSLSM2KeyUtils.getSignPublicKeyByYunhsm(i);
        return GMSSLCertUtils.generateCertByYunhsm(str, str, BigInteger.valueOf(serialNumber.getAndIncrement()), noBefore, noAfter, GMSSLSM2KeyUtils.genSdfPrivateKey(i, str2), signPublicKeyByYunhsm, GMSSLSignatureAlgorithm.SM3_WITH_SM2.getSigAlgName(), arrayList);
    }

    public static X509Certificate genEncCertByYunHsm(String str, int i, String str2, int i2, String str3) throws Exception {
        first();
        ArrayList arrayList = new ArrayList();
        arrayList.add(GMSSLExtensionUtils.genEncryptCertKeyUsageExtension());
        return GMSSLCertUtils.generateCertByYunhsm(str2, str, BigInteger.valueOf(serialNumber.getAndIncrement()), noBefore, noAfter, i2, str3, GMSSLSM2KeyUtils.getEncryptPublicKeyByYunhsm(i), GMSSLSignatureAlgorithm.SM3_WITH_SM2.getSigAlgName(), arrayList);
    }

    public static X509Certificate genSignCertByYunHsm(String str, int i, String str2, int i2, String str3) throws Exception {
        first();
        ArrayList arrayList = new ArrayList();
        arrayList.add(GMSSLExtensionUtils.genSignatureCertKeyUsageExtension());
        return GMSSLCertUtils.generateCertByYunhsm(str2, str, BigInteger.valueOf(serialNumber.getAndIncrement()), noBefore, noAfter, i2, str3, GMSSLSM2KeyUtils.getSignPublicKeyByYunhsm(i), GMSSLSignatureAlgorithm.SM3_WITH_SM2.getSigAlgName(), arrayList);
    }

    public static X509Certificate genRootCertByBC(String str, KeyPair keyPair) throws Exception {
        first();
        ArrayList arrayList = new ArrayList();
        arrayList.add(GMSSLExtensionUtils.genRootCertKeyUsageExtension());
        arrayList.add(GMSSLExtensionUtils.genBasicConstraintsExtension(1));
        return GMSSLCertUtils.generateCertByBC(str, str, BigInteger.valueOf(serialNumber.getAndIncrement()), noBefore, noAfter, keyPair.getPrivate(), keyPair.getPublic(), GMSSLSignatureAlgorithm.SM3_WITH_SM2.getSigAlgName(), arrayList);
    }

    public static X509Certificate genSignCertByBC(String str, KeyPair keyPair, String str2, KeyPair keyPair2) throws Exception {
        first();
        ArrayList arrayList = new ArrayList();
        arrayList.add(GMSSLExtensionUtils.genSignatureCertKeyUsageExtension());
        return GMSSLCertUtils.generateCertByBC(str2, str, BigInteger.valueOf(serialNumber.getAndIncrement()), noBefore, noAfter, keyPair2.getPrivate(), keyPair.getPublic(), GMSSLSignatureAlgorithm.SM3_WITH_SM2.getSigAlgName(), arrayList);
    }

    public static X509Certificate genEncCertByBC(String str, KeyPair keyPair, String str2, KeyPair keyPair2) throws Exception {
        first();
        ArrayList arrayList = new ArrayList();
        arrayList.add(GMSSLExtensionUtils.genEncryptCertKeyUsageExtension());
        return GMSSLCertUtils.generateCertByBC(str2, str, BigInteger.valueOf(serialNumber.getAndIncrement()), noBefore, noAfter, keyPair2.getPrivate(), keyPair.getPublic(), GMSSLSignatureAlgorithm.SM3_WITH_SM2.getSigAlgName(), arrayList);
    }

    public static X509Certificate genRootCertByPCIE(String str, int i, String str2) throws Exception {
        first();
        ArrayList arrayList = new ArrayList();
        arrayList.add(GMSSLExtensionUtils.genRootCertKeyUsageExtension());
        arrayList.add(GMSSLExtensionUtils.genBasicConstraintsExtension(1));
        return GMSSLCertUtils.generateCertByPcie(str, str, BigInteger.valueOf(serialNumber.getAndIncrement()), noBefore, noAfter, i, str2, GMSSLSM2KeyUtils.getSignPublicKeyByPcie(i), GMSSLSignatureAlgorithm.SM3_WITH_SM2.getSigAlgName(), arrayList);
    }

    public static X509Certificate genEncCertByPCIE(String str, int i, String str2, int i2, String str3) throws Exception {
        first();
        ArrayList arrayList = new ArrayList();
        arrayList.add(GMSSLExtensionUtils.genEncryptCertKeyUsageExtension());
        return GMSSLCertUtils.generateCertByPcie(str2, str, BigInteger.valueOf(serialNumber.getAndIncrement()), noBefore, noAfter, i2, str3, GMSSLSM2KeyUtils.getEncryptPublicKeyByPcie(i), GMSSLSignatureAlgorithm.SM3_WITH_SM2.getSigAlgName(), arrayList);
    }

    public static X509Certificate genSignCertByPCIE(String str, int i, String str2, int i2, String str3) throws Exception {
        first();
        ArrayList arrayList = new ArrayList();
        arrayList.add(GMSSLExtensionUtils.genSignatureCertKeyUsageExtension());
        return GMSSLCertUtils.generateCertByPcie(str2, str, BigInteger.valueOf(serialNumber.getAndIncrement()), noBefore, noAfter, i2, str3, GMSSLSM2KeyUtils.getSignPublicKeyByPcie(i), GMSSLSignatureAlgorithm.SM3_WITH_SM2.getSigAlgName(), arrayList);
    }

    public static void saveCert(X509Certificate x509Certificate, X509Certificate x509Certificate2, X509Certificate x509Certificate3, PrivateKey privateKey, PrivateKey privateKey2, String str) throws Exception {
        String str2 = str + File.separator;
        File file = new File(str2);
        if (!file.exists()) {
            file.mkdirs();
        }
        KeyStore generateGMSSLKeyStore = GMSSLKeyStoreUtils.generateGMSSLKeyStore("password", x509Certificate, "sign", privateKey, x509Certificate2, "enc", privateKey2, x509Certificate3);
        KeyStore generateGMSSLTrustStore = GMSSLKeyStoreUtils.generateGMSSLTrustStore(x509Certificate);
        GMSSLX509Utils.writeCertificateToPem(str2, "ca", x509Certificate);
        GMSSLX509Utils.writeObjectToPem(str2, "ca_public", x509Certificate.getPublicKey());
        GMSSLX509Utils.writeCertificateToCer(str2, "ca", x509Certificate);
        GMSSLX509Utils.writeCertificateToPem(str2, "sign", x509Certificate2);
        GMSSLX509Utils.writeObjectToPem(str2, "sign_public", x509Certificate2.getPublicKey());
        if (privateKey instanceof SdfPrivateKey) {
            FileWriter fileWriter = new FileWriter(str2 + "ca_server_key.pem", false);
            fileWriter.write(privateKey.toString());
            fileWriter.close();
        } else {
            GMSSLX509Utils.writeObjectToPem(str2, "sign_private", privateKey);
            GMSSLX509Utils.writeObjectToPem(str2, "enc_private", privateKey2);
            GMSSLX509Utils.writeKeyStoreToP12(generateGMSSLKeyStore, "password".toCharArray(), str2, "sign");
            GMSSLX509Utils.writeKeyStoreToP12(generateGMSSLKeyStore, "password".toCharArray(), str2, "enc");
        }
        GMSSLX509Utils.writeCertificateToCer(str2, "sign", x509Certificate2);
        GMSSLX509Utils.writeCertificateToPem(str2, "enc", x509Certificate3);
        GMSSLX509Utils.writeCertificateToCer(str2, "enc", x509Certificate3);
        GMSSLKeyStoreUtils.saveGMSSLKeyStore(generateGMSSLKeyStore, "password", str2, "server");
        GMSSLKeyStoreUtils.saveGMSSLKeyStore(generateGMSSLTrustStore, "password", str2, "trust");
        GMSSLX509Utils.writeKeyStoreToP12(generateGMSSLTrustStore, "password".toCharArray(), str2, "trust");
    }
}
